Featured, OIT News

Work securely in the cloud

By Rhonda Greene

Are you working in the cloud? If you’re working with data stored somewhere other than on your device or the campus network, the answer is yes. 

When you check your email, edit a Google Doc or post to Facebook, you’re working in the cloud. Cloud platform services offer many benefits such as data sharing and collaboration, data organization and file management. Additionally, it’s convenient to have data synchronization across multiple devices, which allows you to access your data from any device whenever you have access to the internet. Working in the cloud has many benefits but can also be risky.

Know the risks

The first step in cloud security is being aware of the risks:

  • Oversharing
    When a cloud service offers overly simple or overly complex sharing options, you might accidentally share sensitive, personal and university data with the wrong people or groups.
  • Loss of access
    You won’t be able to access any of your data in situations such as:

    • Forgetting to renew your subscription to the cloud service
    • Server crashes, data breaches or any sudden end-of-service scenario
  • Insufficient data privacy rights
    You may not be able to control how, when or who accesses your data. Some cloud services retain the right to access and share the information you store on their platform. If your cloud solution doesn’t offer private encryption, you can’t protect your personal or university data.
  • Data exposure 
    • Once data is added to the cloud, it’s out there! Depending on the terms of a contract between you and the cloud vendor, you may not be able to undo that exposure. For example, if you post something on Facebook, anyone with permission to view it may be able to download it or share it. The longer it’s out there, the more it is exposed. Conversely, when you work in an isolated computing environment such as NC State’s Secure University Research Environment (SURE), your SURE data is securely contained and retractable because of the cybersecurity designed into it. 
    • Also, if the service doesn’t require you to have a secure login with a strong, unique password and multi-authentication, it’s too easy for cybercriminals to break into your account and access your sensitive information. Similarly, if the cloud platform fails to incorporate reliable encryption, product testing or software patching, your data is at a high risk of being breached.  

Tips to secure your data in the cloud

You need to protect university data as well as your own, especially when that data is sensitive:

  • University data classification
    Visit the Data Classification Levels section of the Data Management Framework to see how your university data is classified. 
  • University data storage locations
    See Storage Locations for University Data, which specifies approved storage options for each data-sensitivity level; the more sensitive the university data, the more restrictive the storage requirements.
    For example, for public data, which is not sensitive (green), you have the most storage options available. At the opposite end of the data-sensitivity spectrum is ultra-sensitive (purple) data such as Social Security numbers; you are required to store purple data only on approved storage locations per Storage Locations for University Data.
  • Account authentication
    Use a strong, unique passphrase that is easy to remember and impossible for others to guess. Activate multi-factor authentication. 
  • Sharing permissions
    Be specific about who has access to your information and for how long. Be careful not to accidentally share sensitive data with the wrong person or, much worse, allow public access. Keep your files private. Only allow specific people or groups to access specific files or folders. Remove individuals and groups that no longer need access.
  • Security settings
    Take the time to read through and understand the privacy and security settings your cloud service offers. Be restrictive regarding who else has the power to share your data. Make sure your cloud solution provides a way to track who has access to your files and check those permissions regularly.
  • Subscriptions
    Make sure you set a reminder to renew your cloud service subscription so you don’t lose access to all of the data you’ve stored in the cloud.